diff --git a/awx/api/filters.py b/awx/api/filters.py index 6d5c7920c5..94a3fcc33f 100644 --- a/awx/api/filters.py +++ b/awx/api/filters.py @@ -149,6 +149,11 @@ class FieldLookupBackend(BaseFilterBackend): return field.to_python(value) def value_to_python(self, model, lookup, value): + try: + lookup = lookup.encode("ascii") + except UnicodeEncodeError: + raise ValueError("%r is not an allowed field name. Must be ascii encodable." % lookup) + field, new_lookup = self.get_field_from_lookup(model, lookup) # Type names are stored without underscores internally, but are presented and diff --git a/awx/main/tests/unit/api/test_filters.py b/awx/main/tests/unit/api/test_filters.py index 6570ada6f7..45eec0df1f 100644 --- a/awx/main/tests/unit/api/test_filters.py +++ b/awx/main/tests/unit/api/test_filters.py @@ -1,3 +1,5 @@ +# -*- coding: utf-8 -*- + import pytest from rest_framework.exceptions import PermissionDenied @@ -24,6 +26,14 @@ def test_valid_in(valid_value): assert 'foo' in value +def test_invalid_field(): + invalid_field = u"ヽヾ" + field_lookup = FieldLookupBackend() + with pytest.raises(ValueError) as excinfo: + field_lookup.value_to_python(WorkflowJobTemplate, invalid_field, 'foo') + assert 'is not an allowed field name. Must be ascii encodable.' in excinfo.value.message + + @pytest.mark.parametrize('lookup_suffix', ['', 'contains', 'startswith', 'in']) @pytest.mark.parametrize('password_field', Credential.PASSWORD_FIELDS) def test_filter_on_password_field(password_field, lookup_suffix):